httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 52377] New: Add Directives to assert user, group, and permissions on SSL certificate private key file
Date Tue, 20 Dec 2011 22:06:12 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=52377

             Bug #: 52377
           Summary: Add Directives to assert user, group, and permissions
                    on SSL certificate private key file
           Product: Apache httpd-2
           Version: 2.2.21
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: mod_ssl
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: ericrrath@fmailbox.com
    Classification: Unclassified


Add optional directives "SSLCertificateKeyFileUser",
"SSLCertificateKeyFileGroup",  and "SSLCertificateKeyFilePerms", supported in
same places as "SSLCertificateKeyFile".  When present, check the user, group,
and/or perms of the private key file in question, and if any assertions fail,
then log error, or even fail configtest/startup.

The motivation is have httpd optionally ensure private keys are not any more
visible on filesytem than necessary.  This idea is borrowed from ssh's similar
check on private keys.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message